We are committed to protecting and respecting your privacy. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

1. HOW WE HANDLE YOUR DATA

This section covers the sources and categories of personal data that we collect and process, why we do so, and the lawful bases for such processing.

This Privacy Policy covers the processing of the following categories of individuals:

Section 1.1 Our Digital visitors

Section 1.2 Our Business Partners (this section covers existing and prospective customers, business partners and suppliers collectively called Business Partners. Where these are legal entities, this covers their employees or representatives)

1.1. IF YOU ARE A DIGITAL VISITOR

A. Sources of personal data

We may obtain your personal data from the following sources:

from you directly (for example, at the time of subscribing to any services offered on our website, mobile applications, events, interactive kiosks or social media including but not limited to email mailing lists, interactive services, posting material or requesting further goods or services);

Let you know about our products, services and events that may be of interest to you by letter, telephone, email or other forms of electronic communication

Promote our goods and services

Management Reporting (including at an intra-group level)

Learn about how our products or services may be used

Understand the market in which we operate

Management Reporting (including at an intra-group level)

If you object to us using your personal data for the above purposes, including direct marketing, please contact us using contact details set out in section 9

Where we use cookies or similar technologies we will seek your prior consent where required to do so by law.

Where we use your email or other digital means to communicate marketing information to you we will seek your prior consent where required to do so by law.

We do not sell your personal data to any third party. Your data may only be shared with third parties when you give us your express permission.

Our website may, from time to time, contain links to and from the websites of our partner networks, creative partners and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy notices or policies and that we do not accept any responsibility or liability for how they process your personal data. Please check their privacy notices or policies before you submit any personal data to these websites.

Please do not submit any information via this website if you are not happy with the way your personal data is processed as described in this Privacy Policy.

1.2. IF YOU ARE OUR BUSINESS PARTNER

This section covers existing and prospective customers, business partners and suppliers, collectively called Business Partners. We may collect personal data related to employees, directors, authorised signatories and other individuals associated with our existing or prospective Business Partners.

1.3. IF YOU ARE A VISITOR TO OUR PREMISES or our events

A. Sources of personal data

We may obtain your personal data from you directly and from our systems’ records

B. Personal data that we collect and process

name

business contact details

organisation

role

time and date of your visit; and/or

image (for example, from CCTV cameras at our premises, where they are used, or filming/ picture taken during our events)

C. Why do we collect your personal data and what are our lawful bases for it?

We will use personal data in the legitimate interests of our business. In the table below, we explain what specific business interests we pursue when processing your personal data

We may use your personal data to:

What the legitimate interests of our business are:

Security

Managing security, risk and crime prevention

Maintain records of visitors to our premises

Management Reporting

Pictures or filming to support our communication and promotional campaign

Promote our goods and services

If you object to us using your contact details for these purposes, please let us know using the email address provided in section 11.

2. SHARING OF YOUR INFORMATION

We do not sell your personal data to any third party.

Data we collect may also be processed by staff operating outside the EEA who work with us or for us, or for one of our affiliated companies, suppliers or service providers

Recipients of your personal data: –

2.1 Our affiliates

We may disclose your personal information with our affiliates, who may use your information for the purposes described in this Privacy Policy. In so doing, they will be data controllers of your information together with us. As data controllers, our affiliates will process your data in compliance with the GDPR and other relevant data protection laws.

2.2 Third party recipients

We will ensure that any service provider engaged by us is bound to comply with data protection obligations and process your personal data only on documented instructions from us and do not use it for their own purposes.

2.3 Service providers that we may involve for THE PURPOSES described in above sections

Our advertising and promotional agencies and consultants to carry out marketing campaigns or email mailings on our behalf, or analyse or evaluate our data collection process or customer service fulfilment, and Service providers such as website hosting companies.

2.4 Law enforcement or government bodies

We may disclose your personal data as permitted by law in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law.

3. TRANSFERS OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)

If and when transferring your personal data outside the EEA (which consists of EU member states and Iceland, Lichtenstein and Norway), we will only do so using one of the following safeguards:

the transfer is to a non-EEA country which has an adequacy decision by the EU Commission;

the transfer is covered by a contractual agreement, which covers the GDPR requirements relating to transfers to countries outside the EEA;

the transfer is to an organisation which has Binding Corporate Rules approved by an EU data protection authority; or

the transfer is to an organisation in the US that is EU-US Privacy Shield certified.

You may request a copy of any relevant document in relation to transfers of your personal data outside the EEA by contacting us using the contact details in section 9 below.

4. YOUR RIGHTS

You are entitled to obtain information from us on how we handle your personal data, to see copies of all personal data held by us and to request that your personal data is amended, corrected or deleted from our systems. You can also limit, restrict or object to the processing of your data.

We do not carry out any decision-making based solely on automated processing, including profiling.

If you gave us your consent to use your data, e.g. so that we can send you marketing emails, you can withdraw your consent at any time. Please note that even if you withdraw your consent, we can still rely on the consent you gave as the lawful basis for processing your personal data before you withdrew your consent.

You can object to our use of your personal data where we stated we rely on our legitimate business interests to do so. We explained the legitimate interests we rely on in sections ‘Why do we collect your personal data and what are our lawful bases for it?’ above.

If you would like to exercise any of your above rights, contact us using the contact details in section 9 below.

5. VARIATIONS

We may revise this Privacy Policy at any time by amending this page. Any changes to our processing will take effect within a reasonable period of time after posting the amended Privacy Policy, so that you would have time to consider if you are ok with the changes.

6. CHILDREN

Our website is designed to appeal to adults only. We do not knowingly solicit any information from children or people under the legal drinking age, nor do we knowingly market or otherwise target our websites or its products or services to children or people under the legal drinking age.

If we become aware that a visitor to our websites is a child or under the Legal Drinking Age in the country or other territory in which he or she is located at the relevant time and has registered without verifiable parental consent, we will remove his or her personal information from our files.

7. RETENTION PERIOD

We will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with your relationship with us, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.

8. INFORMATION ABOUT US

In the present Privacy Policy, “We” or “us” means Bacardi Global Brands Limited, registered in England and Wales under company number 3651489. Our registered office and main trading address is at 12 Steward Street, London, E1 6FQ, United Kingdom. Our VAT number is GB 222 2530 16. If you have any concerns about material which appears on our website or if you need to communicate with us, please contact us as explained in section 9.

For the purpose of the General Data Protection Regulation 2016/679 and any implementing legislation (the “GDPR”), we will be the data controller responsible for any personal information about you.

If you are unhappy with how we dealt with your request or complaint, you have the right to file a complaint with the Information Commissioner’s Office, the UK data protection supervisory authority or your local data protection supervisory authority in the EU.